Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
Urgent
Important
Warning
Warning
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
レベルソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":May 22, 2026, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
204171 7.5 重要
Adjacent 		Huawei - 複数の Huawei デバイス製品のソフトウェアの Smart DNS 機能におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-4577 2016-05-27 11:23 2016-05-11 Show GitHub Exploit DB Packet Storm
204172 9.8 緊急
Network 		Huawei - 複数の Huawei デバイス製品のソフトウェアの Application Specific Packet Filtering 機能におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2016-4576 2016-05-27 11:23 2016-05-11 Show GitHub Exploit DB Packet Storm
204173 8.1 重要
Network 		Huawei - Huawei S12700 および S5700 スイッチのソフトウェアにおけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-4087 2016-05-27 11:23 2016-04-27 Show GitHub Exploit DB Packet Storm
204174 7.8 重要
Local 		Huawei - Huawei Mobile Broadband HL Service における SYSTEM 権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2855 2016-05-27 11:23 2016-05-12 Show GitHub Exploit DB Packet Storm
204175 4.4 警告
Local 		Fabrice Bellard
Fedora Project		 - QEMU の hw/usb/hcd-ehci.c の ehci_advance_state 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2016-4037 2016-05-27 10:08 2016-04-19 Show GitHub Exploit DB Packet Storm
204176 6.5 警告
Local 		Fabrice Bellard - QEMU の hw/i386/kvmvapic.c の patch_instruction 関数におけるホストスタックメモリから重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2016-4020 2016-05-27 10:08 2016-05-23 Show GitHub Exploit DB Packet Storm
204177 5.9 警告
Network 		Fabrice Bellard
Fedora Project		 - QEMU の hw/net/stellaris_enet.c の stellaris_enet_receive 関数におけるバッファオーバーフローの脆弱性 CWE-20
不適切な入力確認 		CVE-2016-4001 2016-05-27 10:08 2016-04-11 Show GitHub Exploit DB Packet Storm
204178 5.5 警告
Local 		Fabrice Bellard - QEMU の hw/usb/hcd-ehci.c の ehci_process_itd 関数におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2015-8558 2016-05-27 10:08 2015-12-15 Show GitHub Exploit DB Packet Storm
204179 8.1 重要
Network 		Safemode project - Ruby 用 Safemode gem における重要な情報を取得される脆弱性 CWE-200
CWE-264
CVE-2016-3693 2016-05-27 09:54 2016-04-14 Show GitHub Exploit DB Packet Storm
204180 5.3 警告
Network 		Moodle - Moodle における重要なe URL 情報を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2016-2190 2016-05-26 17:26 2016-03-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:May 23, 2026, 4:08 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
561 7.3 HIGH
Network 		- - Offline Hospital Management System 5.3.0 allows remote code execution due to an improper Electron renderer configuration. The application enables Node.js integration while disabling context isolation… Update CWE-917
 Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection') 		CVE-2026-26462 2026-05-20 22:16 2026-05-19 Show GitHub Exploit DB Packet Storm
562 - - - A Remote Code Execution vulnerability in P4 (Helix Core) Server's Command-Line Client, prior to the 2025.2 Patch 2, has been fixed to address potential security risks. Update CWE-94
Code Injection 		CVE-2026-6902 2026-05-20 16:16 2026-05-18 Show GitHub Exploit DB Packet Storm
563 - - - Rapid7 Metasploit Pro is vulnerable to a local privilege escalation attack that allows a user to gain SYSTEM level control of a Windows host. When started the metasploitPostgreSQL service would start… Update CWE-284
CWE-427
CWE-829
Improper Access Control
 Uncontrolled Search Path Element
 Inclusion of Functionality from Untrusted Control Sphere 		CVE-2026-7373 2026-05-20 08:16 2026-05-15 Show GitHub Exploit DB Packet Storm
564 9.1 CRITICAL
Network 		adenhq hive A vulnerability was found in adenhq hive up to 0.11.0. This affects the function _read_events_tail of the file core/framework/server/routes_sessions.py of the component Delete Request Handler. Perfor… Update CWE-22
Path Traversal 		CVE-2026-8757 2026-05-20 06:26 2026-05-17 Show GitHub Exploit DB Packet Storm
565 6.5 MEDIUM
Network 		kilo kilo_code A vulnerability was detected in Kilo-Org kilocode up to 7.0.47. This vulnerability affects the function Bun.file of the file packages/opencode/src/kilocode/review/worktree-diff.ts of the component Fi… Update CWE-22
Path Traversal 		CVE-2026-8765 2026-05-20 06:21 2026-05-18 Show GitHub Exploit DB Packet Storm
566 5.3 MEDIUM
Network 		- - In the AWS Secrets Manager and SSM Parameter Store secrets backends of `apache-airflow-providers-amazon` prior to 9.28.0, the team-scoping logic could resolve a `conn_id` containing a `/` (e.g. `"my_… New CWE-863
 Incorrect Authorization 		CVE-2026-42526 2026-05-20 06:16 2026-05-20 Show GitHub Exploit DB Packet Storm
567 8.7 HIGH
Local 		- - JWT tokens that were used by workers in Kubernetes Executors have been exposed to users who had read only access to Kuberentes Pods. This could allow users with just read-only access to perform actio… New CWE-538
 File and Directory Information Exposure 		CVE-2026-27173 2026-05-20 06:16 2026-05-20 Show GitHub Exploit DB Packet Storm
568 - - - Discourse is an open-source discussion platform. In versions prior to 2026.1.4, 2026.3.1, 2026.4.1 and 2026.5.0-latest.1, a vulnerability in the discourse-subscriptions plugin allows users to gain a… New CWE-862
 Missing Authorization 		CVE-2026-34154 2026-05-20 06:08 2026-05-20 Show GitHub Exploit DB Packet Storm
569 5.9 MEDIUM
Network 		- - LIVE555 before 2026.04.22 contains an authorization bypass vulnerability in RTSP session command handling that allows attackers to replay valid Session tokens from unauthenticated connections. Attack… New CWE-863
 Incorrect Authorization 		CVE-2026-41470 2026-05-20 06:08 2026-05-20 Show GitHub Exploit DB Packet Storm
570 9.9 CRITICAL
Network 		- - Kitty is a cross-platform GPU based terminal. In versions 0.46.2 and below, the handle_compose_command() function in kitty/graphics.c performs bounds validation on composition offsets using unsigned … New CWE-125
CWE-190
CWE-787
Out-of-bounds Read
 Integer Overflow or Wraparound
 Out-of-bounds Write 		CVE-2026-33642 2026-05-20 06:08 2026-05-20 Show GitHub Exploit DB Packet Storm